TCPIP Updates – NET+OS 6.0

 

 

 

Last Updated: 05/15/07         Fix Count: 7

 

 

Title

No response when network portion of IP address is 0

 

Case:  1230305

 

Date Fixed: 05/15/07

 

Description

The stack was configured to determine whether the net portion of an IP address is 0, and to disallow use of addresses in that range.
The check returned true for the following addresses:
 
         0.X.X.X       - Class A network 0
       128.0.X.X       - Class B network 0
       192.0.0.X       - Class C network 0

 ( 'X' is the host portion of the address )

Solution

Updated stack to allow use of addresses in these ranges.

 

 

Title

Problem creating more than 61 sockets

 

Case:  1220906

 

Date Fixed: 11/22/06

 

Description

An application that creates approximately 61 to 64 threads that have all called accept to wait for a connection from a client can run into a problem where the system will freeze. This will only be seen when all the threads are waiting simultaneously for connections from clients.

 

The code that implements accept was calling into an internal NET+OS TCPIP stack-related function that facilitates putting threads to sleep while waiting for system action. When the structure for holding information about these sleeping threads completely filled, the function returned an error condition code, but the accept function was not checking this returned error code. This left the accept code vulnerable to trying to wake up a thread for which the sleep function's structure had no information, which caused a freeze condition.

 

Solution

The accept function now checks the status returned by the sleep function. If this return code indicates an error, accept will return -1 as the socket that would have been created by the call to accept, indicating that the call to accept failed.

 

In addition, the number of events that the sleep function can wait on has been increased from 64 to 128, placing it on par with the number of sockets available within NET+OS.

 

An application can now create many more such accept-waiting threads than before. In addition, should the limit be reached, instead of freezing, the accept function will now gracefully return a negative status code to the application.

 

 

Title

Low Memory network conditions are slow to recover
 

Case: 16220

 

Date fixed: 09/22/06

 

Description

During extreme network activity, the TCPIP stack enters a low memory condition, causing dropped packets, and causing long delays in networking applications.  This is most apparent in wireless applications.

 

Solution

Corrected defects in the TCPIP stack when entering low memory conditions.

 

 

Title

Sockets API bind failures

 

Case:  16346

 

Date Fixed: 06/16/06

 

Description

bind() fails when binding to a specific IP address (versus the more common INADDR_ANY).

 

Solution

Corrected bind processing to handle specific IP addresses.

 

 

Title

TCP MSL now configurable

 

Case:  1202852

 

Date Fixed:  10/03/05

 

Description

The current implementation sets the default to 120 seconds.

 

Solution

Made this configurable.  The time that sockets must remain in the wait state after use is now adjustable by the user.

 

 

Title

IGMPv3 Packet Processing Failures

 

Case:  15849

 

Date Fixed:  07/11/05

 

Description

Multicasts across routers are failing because IGMPv3 packets are being ignored.

 

Solution

IGMPv3 packet size is now ignored (IGMPv3 packets are longer than v2) and the packet is treated like a v2 packet.

 

 

Title

TCP/ICMP blind connection reset attack

 

Case:  16474

 

Date Fixed:  06/28/05

 

Description

TCP connections are reset under the blind ICMP destination unreachable attack.  Reproducible with Retina Network Security Scanner from eEye Digital Security.

 

Solution

Added sequence number check into stack as suggested in draft-gont-tcpm-icmp-attacks-03.txt.
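The sequence number check recommended by that draft, sketched here as an added example (not NET+OS source; all names are hypothetical): an ICMP error is honoured only if the TCP sequence number quoted in its payload falls within the data the connection actually has in flight, SND.UNA <= SEG.SEQ < SND.NXT. The sample packet is constructed for the example.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Added example; all names are hypothetical, not NET+OS identifiers. */
struct tcb { uint32_t snd_una, snd_nxt; };  /* oldest unACKed seq, next seq to send */

/* Wraparound-safe comparisons in 32-bit sequence space. */
static int seq_leq(uint32_t a, uint32_t b) { return (int32_t)(a - b) <= 0; }
static int seq_lt(uint32_t a, uint32_t b)  { return (int32_t)(a - b) < 0; }

/* quoted = bytes after the 8-byte ICMP header: the offending IPv4 header plus
 * at least the first 8 bytes of its TCP header. The caller is assumed to have
 * matched the quoted addresses/ports to connection c. Returns 1 = act, 0 = drop. */
int icmp_error_plausible(const struct tcb *c, const uint8_t *quoted, size_t len)
{
    if (len < 20 || (quoted[0] >> 4) != 4) return 0;   /* IPv4 only */
    size_t ihl = (size_t)(quoted[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 8) return 0;           /* truncated quote */
    if (quoted[9] != 6) return 0;                      /* quoted packet not TCP */
    const uint8_t *t = quoted + ihl;                   /* seq is at TCP offset 4 */
    uint32_t seq = ((uint32_t)t[4] << 24) | ((uint32_t)t[5] << 16) |
                   ((uint32_t)t[6] << 8)  |  (uint32_t)t[7];
    /* Accept only SND.UNA <= SEG.SEQ < SND.NXT: data really in flight. */
    return seq_leq(c->snd_una, seq) && seq_lt(seq, c->snd_nxt);
}

/* Constructed sample: minimal quoted IPv4 header + TCP prefix carrying seq. */
size_t build_quoted(uint8_t buf[28], uint32_t seq)
{
    memset(buf, 0, 28);
    buf[0] = 0x45; buf[9] = 6;         /* version 4, IHL 5; protocol TCP */
    buf[24] = (uint8_t)(seq >> 24); buf[25] = (uint8_t)(seq >> 16);
    buf[26] = (uint8_t)(seq >> 8);  buf[27] = (uint8_t)seq;
    return 28;
}

int main(void)
{
    struct tcb c = { 1000u, 2000u };
    uint8_t q[28];
    size_t n = build_quoted(q, 1500u);                 /* inside the window */
    printf("in window: %d\n", icmp_error_plausible(&c, q, n));
    n = build_quoted(q, 999999u);                      /* sender cannot see the flow */
    printf("blind guess: %d\n", icmp_error_plausible(&c, q, n));
    return 0;
}
```

A connection with nothing unacknowledged (SND.UNA equal to SND.NXT) rejects every such ICMP error, which is the intended result for an idle connection.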

 

 

Files:   netos\h\fpublic.h

            netos\h\naip_global.h

            netos\lib\32b\libtcpip.a (GNU)
            netos\lib\32b\tcpip.a (GHS)

            netos\src\bsp\common\naip_global.c

            netos\src\bsp\platforms\ns7520_a\aceCallbacks.c
            netos\src\bsp\platforms\net50_d\aceCallbacks.c
            netos\src\bsp\platforms\net50bga_a\aceCallbacks.c
            netos\src\bsp\platforms\connectem\aceCallbacks.c
            netos\src\bsp\platforms\connectme\aceCallbacks.c
            netos\src\bsp\platforms\connect50\aceCallbacks.c
            netos\src\bsp\platforms\connectsp\aceCallbacks.c
            netos\src\bsp\platforms\connectwiem\aceCallbacks.c
            netos\src\bsp\platforms\connectwime\aceCallbacks.c

Special Instructions

 

 

Patch Link:  TCPIPUpdates_60

 

Dependencies

This patch also requires the installation of the following patch(es):

 

ApiReference_60

 

If you are a NET+OS 6.0 GNU user, you must install this patch first –

Patch Link:  6.0F GNU Update 1

 

If you are a NET+OS 6.0 GHS user, you must install this patch first –

Patch Link:  6.0 GHS Update 1